Guides implementation of TLS security profiles for OpenShift operators and workloads — reading TLS config from APIServer CR and applying to webhook/metrics servers, HTTP, and gRPC endpoints.
How this command is triggered — by the user, by Claude, or both
Slash command
/openshift-tls-profile:implement [question or implementation request]The summary Claude sees in its command listing — used to decide when to auto-load this command
## Name openshift-tls-profile:implement ## Synopsis ## Description The `openshift-tls-profile:implement` command provides guidance on implementing TLS security profiles for operators and workloads running on OpenShift. It helps with: - **Recommended**: Using `github.com/openshift/controller-runtime-common/pkg/tls` for controller-runtime operators (provides `FetchAPIServerTLSProfile`, `NewTLSConfigFromProfile`, and `SecurityProfileWatcher`) - Reading TLS configuration from the APIServer custom resource - Converting OpenShift TLS profiles to Go `crypto/tls` configuration - Applying TLS...
openshift-tls-profile:implement
/openshift-tls-profile:implement [question or implementation request]
The openshift-tls-profile:implement command provides guidance on implementing TLS security profiles for operators and workloads running on OpenShift. It helps with:
github.com/openshift/controller-runtime-common/pkg/tls for controller-runtime operators (provides FetchAPIServerTLSProfile, NewTLSConfigFromProfile, and SecurityProfileWatcher)crypto/tls configurationgithub.com/openshift/library-go/pkg/crypto utilities for cipher suite conversionObserveTLSSecurityProfile for OpenShift operatorsplugins/openshift-tls-profile/skills/openshift-tls-profile/SKILL.mdGet overview of TLS profile implementation:
/openshift-tls-profile:implement
Ask about reading TLS profile from cluster:
/openshift-tls-profile:implement How do I read the TLS profile from the APIServer CR?
Get help with gRPC server configuration:
/openshift-tls-profile:implement Show me how to configure a gRPC server with the TLS profile
Understand profile change handling:
/openshift-tls-profile:implement How do I respond to TLS profile changes in the cluster?
Use library-go configobserver pattern:
/openshift-tls-profile:implement How do I use ObserveTLSSecurityProfile in my OpenShift operator?
Use controller-runtime-common package:
/openshift-tls-profile:implement How do I use controller-runtime-common for TLS profile support?
9plugins reuse this command
First indexed Mar 30, 2026
Showing the 6 earliest of 9 plugins
npx claudepluginhub petr-muller/openshift-ai-helpers --plugin openshift-tls-profile/implementGuides implementation of TLS security profiles for OpenShift operators and workloads — reading TLS config from APIServer CR and applying to webhook/metrics servers, HTTP, and gRPC endpoints.
/openshiftDiagnoses and resolves OpenShift cluster issues across SCC, Routes, GitOps, and upgrades. Also supports a debug mode for general troubleshooting.
/checklistRuns quality and safety checklist for Kubernetes operators, evaluating CRDs, webhooks, RBAC, tests, dev loops, and troubleshooting. Reports PASS/FAIL/N/A per item with summary and action items.
/setup-admission-controlWalkthrough: Set up Kubernetes admission control to enforce image policies
/cryptoImplements secure cryptography for encryption at rest/in transit, key management, password hashing, digital signatures, JWT, TLS hardening. Generates code, configs, tests, commits. Supports flags like --passwords --tls --audit.
/generate-tuned-profileGenerates a tuned.openshift.io/v1 manifest for the OpenShift Node Tuning Operator, including profile metadata, tuned daemon configuration blocks, and recommendation rules for targeting nodes or MachineConfigPools.